13 matches found
EUVD-2020-12076
Malware in sbrugna...
CVE-2020-1196
An elevation of privilege vulnerability exists in the way that the printconfig.dll handles objects in memory, aka 'Windows Print Configuration Elevation of Privilege Vulnerability'...
Privilege escalation
An elevation of privilege vulnerability exists in the way that the printconfig.dll handles objects in memory, aka 'Windows Print Configuration Elevation of Privilege Vulnerability'...
CVE-2020-1196
An elevation of privilege vulnerability exists in the way that the printconfig.dll handles objects in memory, aka 'Windows Print Configuration Elevation of Privilege Vulnerability'...
CVE-2020-1196
CVE-2020-1196 is described as an elevation of privilege vulnerability in Windows Print Configuration, caused by how printconfig.dll handles objects in memory. The CVE entry notes local access is required with low attack complexity, and the impact is high on confidentiality, integrity, and availab...
KB4561649: Windows 10 June 2020 Security Update
The remote Windows host is missing security update 4561649. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in the way that the printconfig.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execu...
KB4561602: Windows 10 Version 1709 June 2020 Security Update
The remote Windows host is missing security update 4561602. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in the way that the printconfig.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execu...
Microsoft Windows ALPC Task Scheduler Local Privilege Elevation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/post/file' require 'msf/core/post/windows/priv' require 'msf/core/post/windows/registry' TODO: Do we need this? require 'msf/core/exploit/exe' class...
Microsoft Windows ALPC Task Scheduler Local Privilege Elevation Exploit
On vulnerable versions of Windows the alpc endpoint method SchRpcSetSecurity implemented by the task scheduler service can be used to write arbitrary DACLs to .job files located in c:\windows\tasks because the scheduler does not use impersonation when checking this location. Since users can creat...
Microsoft Windows ALPC Task Scheduler Local Privilege Elevation
On vulnerable versions of Windows the alpc endpoint method SchRpcSetSecurity implemented by the task scheduler service can be used to write arbitrary DACLs to .job files located in c:\windows\tasks because the scheduler does not use impersonation when checking this location. Since users can creat...
Immunity Canvas: ALPC_TASKSCHED_LPE
Name| alpctaskschedlpe ---|--- CVE| CVE-2018-8440 Exploit Pack| CANVAS Description| ALPC Tasksched LPE Notes| CVE Name: CVE-2018-8440 Notes: WARNING: The PrintConfig.dll on the target host will be overwritten when the exploit runs. Tested: Windows 10 1703 x64 Windows 10 1803 x86 VENDOR: Microsoft...
Microsoft Windows 10 Local Extraction Vulnerability
Windows 10 is a series of personal computer operating systems produced by Microsoft as part of the Windows NT family of operating systems. Microsoft Windows 10 suffers from a local extraction vulnerability. An attacker can then exploit the program to write extraction code to printconfig.dll and...
Microsoft Windows - Advanced Local Procedure Call (ALPC) Local Privilege Escalation
Microsoft Windows - Advanced Local Procedure Call ALPC Local Privilege Escalation Note: PoC will now hijack the print spooler service - spoolsv.exe - as it required less code then hijacking printfilterpipelinesvc.exe, which was shown in the original video demo Description of the vulnerability The...